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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 



- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 



3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 1-32 is/are pending in the application. 

4a) Of the above claim(s) 28-32 is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1-27 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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DETAILED ACTION 

Claim Rejections - 35 USC § 103 

Claims 1-27 are rejected under 35 U.S.C. 103(a) as being unpatentable over Cooper (U.S. 
2001/0051996) in view of Williams (U.S. 2002/0002541) in further view of Hay (US 
2003/0163787). 

As per claim 1, Cooper teaches a method for distributing data over a network comprising: 
issuing a certificate and a private key to a client for identifying the client in a transaction (page 2, 
paragraph 0018; page 3, paragraph 0042); verifying a digital signature using the certificate 
before distributing data to the client (page 2, paragraph 0019); generating a message associated 
with the data being downloaded to the client and associated with the user's private key (page 8, 
paragraph 0102); and distributing the data and the associated message to the client (page 8, 
paragraph 0110). Cooper does not specifically teach the storage of the private key and digital 
certificate on a.token. Williams teaches the storage of key and certificate information on a token, 
or cookie (page 3, paragraph 0042). It would have been obvious to one of ordinary skill in the 
art to include the ability of the key and certificate to be stored on a token, as taught by Williams 
in the system of Cooper. The motivation for doing so lies in the fact that the storage of the key 
and certificate on a cookie would bypass login procedures for future use, allowing for ease of 
use. Both inventions are from the same field of endeavor, namely the reliable transmittal of data 
files over a network. Cooper- Williams does not specifically teach that the client's token in 
question is a portable and physical device. Hay teaches the use of a physical, portable token for 
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use in content delivery systems, among other things (paragraphs 0005, 0050). In light of 
Cooper-Williams' use of a token to store key information and certificate characteristics, it would 
have been obvious to one of ordinary skill in the art at the time of the invention to include that 
this token is a physical, portable device, as taught by Hay in the system of Cooper-Williams. 
The motivation for doing so lies in the fact that a physical token is a well-known component in 
the art, and having portability would allow for content to be accessed from anywhere the token 
is, which is the basis of Hay's invention. The motivation to combine teachings lies in the fact 
that Hay discloses its use in a media content delivery system, in which extended access is 
allowed. All inventions are from the same field of endeavor, namely the efficient movement of 
network content, with security measures implemented therein. 

As per claim 2, Cooper- Williams-Hay teaches the method of claim L further comprising 
providing the client with information necessary for establishing an account (Cooper: page 8, 
paragraph 0126). 

As per claim 3, Cooper- Williams-Hay teaches the method of claim 2, further comprising 
providing the client with the token (Cooper: page 2, paragraph 0019; where the authentication of 
the certificate given by the user constitutes providing the client with the token, in light of the 
treatment of claim 1). 

As per claim 4, Cooper- Williams-Hay teaches a method for distributing data over a 
network comprising: establishing a secure connection between a client and a server (Cooper: 
page 2, paragraph 0032); issuing a certificate and the private key to the client for identifying the 
client in a transaction (page 2, paragraph 0018); and storing the certificate and the private key in 
a portable token of the client and used by the client during a transaction, the portable token being 
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a physical device (Cooper: page 2, paragraph 0018; Williams: page 5, paragraph 0042; Hay: 
paragraphs 0005, 0050). 

As per claim 5, Cooper- Williams-Hay teaches the method of claim 4, further comprising 
distributing data to the client (Cooper: page 2, paragraph 0019). 

As per claim 6, Cooper- Williams-Hay teaches the method of claim 5, further comprising 
requesting information from the client for establishing an account (Cooper: page 8, paragraph 
0126). 

As per claim 7, Cooper- Williams-Hay teaches the method of claim 4, wherein 
establishing a secure connection comprises establishing a secure connection using a security 
protocol (Cooper: page 2, paragraph 0032). 

As per claim 8, Cooper- Williams-Hay teaches the method of claim 7, wherein the 
security protocol is the secure socket layer protocol (Cooper: page 2, paragraph 0032). 

As per claim 9, Cooper- Williams-Hay teaches the method of claim 6, wherein the 
requesting information comprises requesting a credit card number (Cooper: page 8, paragraph 
0126). 

As per claim 10, Cooper- Williams-Hay teaches the method of claim 6, wherein 
requesting information comprises requesting a password (Cooper: page 8, paragraph 0126). 

As per claim 1 1 , Cooper- Williams-Hay teaches the method of claim 4, wherein storing 
the certificate comprises: interfacing the token to a client computer (Cooper: page 1, paragraph 
0018; page 2, paragraph 0042; Williams: page 5, paragraph 0042); and writing the certificate 
and the private key to the token across the network (Cooper: page 2, paragraph 0043). 
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As per claim 12, Cooper-Williams-Hay teaches the method of claim 4, wherein storing 
the certificate comprises: interfacing the token to a server computer (Cooper: page 2, paragraph 
0042); and writing the certificate to the token at the server computer (Cooper: page 5, paragraph 
0064). 

As per claim 13, Cooper-Williams-Hay teaches the method of claim 5, wherein 
distributing data to the client comprises distributing a media player (Cooper: page 12, paragraph 
0179). 

As per claim 14, Cooper- Williams-Hay teaches a method for distributing data over a 
network comprising: establishing a secure connection between a client and a server (Cooper: 
page 2, paragraph 0032); receiving a request from the client for data to be downloaded (Cooper: 
page 2. paragraph 0019); generating a message associated with the data being downloaded to the 
client and associated with a portable token of the client and used by the client, the portable token 
being a physical device (Cooper: page 8, paragraph 0102; Williams: page 5, paragraph 0042; 
Hay: 0005, 0050); and distributing the data and the associated message to the client (Cooper: 
page 8, paragraph 0110). 

As per claim 15, Cooper- Williams-Hay teaches the method of claim 14, wherein 
establishing a secure connection comprises establishing a secure connection using a security 
protocol (Cooper: page 2, paragraph 0032). 

As per claim 16, Cooper- Williams-Hay teaches the method of claim 15, wherein the 
security protocol is the secure socket layer protocol (Cooper: page 2, paragraph 0032). 

As per claim 17, Cooper- Williams-Hay teaches the method of claim 14, wherein 
establishing a secure connection comprises requesting authentication information from the client 
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(Cooper: page 8, paragraph 0126); and sending authentication information from the server 
(Cooper: page 5, paragraph 0057). 

As per claim 18, Cooper- Williams-Hay teaches the method of claim 17, wherein 
requesting authentication information from the client comprises requesting a certificate from the 
client (Cooper: page 2, paragraph 001 8); and requesting a digital signature from the client 
(Cooper: page 5, paragraph 0057; where the retrieving of a digital certificate includes the digital 
signature). 

As per claim 19, Cooper- Williams-Hay teaches the method of claim 17, wherein sending 
authentication information from the server comprises sending a certificate from the server; and 
sending a digital signature from the server (Cooper: page 14, paragraphs 205-209). 

As per claim 20, Cooper- Williams-Hay teaches the method of claim 1 8. wherein 
requesting a certificate comprises reading the certificate from the token used by the client 
(Cooper: page 1 1, paragraph 0163). 

As per claim 21, Cooper- Williams-Hay teaches the method of claim 14, wherein 
generating a message further comprises: including in the message a data identification number 
(Cooper: page 5, paragraph 0060, page 6, paragraph 0075, and page 8, paragraph 0102; where 
the watermark contains the identification number and message); including in the message a 
period of time for which the data may be used by the client (Williams: page 1, paragraph 0005); 
including in the message a distinguishing number of the token used by the client when requesting 
data (Cooper: page 5, paragraph 0060, page 6, paragraph 0075, and page 8, paragraph 0102); 
and including in the message a symmetrical key used to encrypt the data from the server to the 
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client over the network (Cooper: page 5, paragraph 0060, page 6, paragraph 0075, and page 8, 
paragraph 0102). Motivations to combine teachings are discussed in the treatment of claim 1. 

As per claim 22, Cooper- Williams-Hay teaches the method of claim 14, wherein 
generating a message further comprises generating a message using a public key (asymmetric) 
cryptographic algorithm (Cooper: page 8, paragraph 0103). 

As per claim 23, Cooper- Williams-Hay teaches a method of securely utilizing 
downloaded data comprising: opening a media player (Cooper: page 8, paragraph 0124); 
opening a data file (Cooper: page 8, paragraph 0124); requesting a portable token from and used 
by a client, the portable token being a physical device (Cooper: page 2, paragraph 0018; Hay: 
0005, 0050); reading a distinguishing number from the token (Cooper: page 5, paragraph 0060, 
page 6, paragraph 0075, and page 8, paragraph 0102); verifying a digital message associated 
with the data file and the token using the media player, the distinguishing number, and a private 
key in the token (Cooper: page 5, paragraph 0060, page 6, paragraph 0075, and page 8, 
paragraph 0102). 

As per claim 24, Cooper- Williams-Hay teaches the method of claim 23, wherein in 
verifying a digital message, the media player reads the private key from the token to decrypt the 
digital message (Cooper: page 3, paragraph 0043). 

As per claim 25, Cooper- Williams-Hay teaches the method of claim 23, wherein in 
verifying a digital message, the media player sends the digital message to the token (Cooper: 
page 5, paragraph 0060, page 6, paragraph 0075, and page 8, paragraph 0102; where the whole 
watermarking process entails verification). 
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As per claim 26, Cooper-Williams-Hay teaches the method of claim 25 and the use of a 
public key to decrypt an encrypted symmetric key, but does not specifically teach the token's 
decryption of an encrypted symmetric key using the private key. It would have been obvious to 
one of ordinary skill in the art at the time of the invention to include the functionality of the use 
of a private key to decrypt an encrypted symmetric key, as it is well known in the art. (See: 
Fischer, U.S. 5,436,972; column 12, lines 36-45, for example). Also, the use of a private key to 
decrypt, over the use of a public key is a design choice, and is thus not patentably distinct. 

As per claim 27, Cooper- Williams-Hay teaches the method of claim 23, wherein 
verifying a digital message comprises verifying the distinguishing number read from the token 
(Cooper: page 5, paragraph 0060, page 6, paragraph 0075, and page 8, paragraph 0102); 
verifying a time period associated with the data file (Williams: page 1, paragraph 0005); 
decrypting an encrypted symmetrical key using the private key from the token; and decrypting 
the data file using the symmetrical key (see discussion of claim 26). 

Response to Arguments 

Applicant's arguments filed on March 2, 2005 have fully been considered. As such, new 
grounds of rejection have been issued, necessitated by Applicant's amendment. 



Conclusion 
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Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1. 136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Tanim Hossain whose telephone number is 571/272-3881. The 
examiner can normally be reached on 8:30 am - 5 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Valencia Martin-Wallace can be reached on 571/272-6159. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Tanim Hossain 

Patent Examiner y^) - ^ 
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